Ubuntu
amanda package

amanda 1:3.5.1-9ubuntu0.3 source package in Ubuntu

Changelog

amanda (1:3.5.1-9ubuntu0.3) kinetic-security; urgency=medium

  * SECURITY UPDATE: information leak calcsize SUID binary
    - d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially
      privileged information
    - CVE-2022-37703
  * SECURITY UPDATE: privilege escalation via rundump SUID binary
    - d/p/50-fix-CVE-2022-37704: add option validation
    - d/p/52-fix-CVE-2022-37704_part_2: filter RSH environment variable
    - CVE-2022-37704
  * SECURITY UPDATE: privilege escalation via runtar SUID binary
    - d/p/48-fix-CVE-2022-37705: fix option parsing
    - d/p/49-fix-CVE-2022-37705_part_2: amendment to above patch
    - CVE-2022-37705

 -- David Lane <email address hidden>  Tue, 28 Mar 2023 20:58:31 +1100

Upload details

Uploaded by:
David Lane
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
amanda_3.5.1.orig.tar.gz 5.0 MiB 6cb9a13fb7a09970d288ddb2c380e7165c5fe38b85bc761ca7ffe334bc5c534b
amanda_3.5.1-9ubuntu0.3.debian.tar.xz 57.6 KiB 29749a0cd02ed1d9ad0d490d89ee31016e3b88991142ef581a6da12c9eca7e5a
amanda_3.5.1-9ubuntu0.3.dsc 2.1 KiB c55f61279c21f253d22f64453db9f577caecba1670e700573f643e596d985174

View changes file

Binary packages built by this source

amanda-client: No summary available for amanda-client in ubuntu kinetic.

No description available for amanda-client in ubuntu kinetic.

amanda-client-dbgsym: No summary available for amanda-client-dbgsym in ubuntu kinetic.

No description available for amanda-client-dbgsym in ubuntu kinetic.

amanda-common: No summary available for amanda-common in ubuntu kinetic.

No description available for amanda-common in ubuntu kinetic.

amanda-common-dbgsym: No summary available for amanda-common-dbgsym in ubuntu kinetic.

No description available for amanda-common-dbgsym in ubuntu kinetic.

amanda-server: No summary available for amanda-server in ubuntu kinetic.

No description available for amanda-server in ubuntu kinetic.

amanda-server-dbgsym: No summary available for amanda-server-dbgsym in ubuntu kinetic.

No description available for amanda-server-dbgsym in ubuntu kinetic.